Blockchain, DeFi, Security, Web3

Jigstack

Jigstack is a popular cryptocurrency platform that allows companies to create their own unique digital tokens with ease. Often referred to as the “Microsoft of Decentralised Finance”, Jigstack is an innovative platform that enables companies to offer their clients and customers a custom digital currency that is secure and easy to use.

Challenge

Jigstack approached Cloudoki, a leading security testing company, to perform a comprehensive security audit on their platform. Given the complex nature of the platform, which is built on the blockchain, the audit needed to cover a wide range of vulnerabilities, including those specific to smart contracts and blockchain technologies.

Solution

The penetration test for Jigstack was performed under our White Box penetration testing service.

Because Jigstack is a custom-coded financial application built on the blockchain, it required this deep dive into security. We tested the web application, the integration of smart contracts, and the API. Our testing also extended to load and performance testing, as Jigstack expected a huge amount of traffic and transactions daily.

Some of the common vulnerabilities we test for are:

  • Remote Code Execution
  • SQL Injection
  • Path traversal attacks
  • File upload vulnerabilities
  • Parameter tampering
  • Access control flaws
  • Transport layer security, Business logic, and Authentication flaws
  • SMTP, Header, and JSON Injection
  • XML Injection / Code Execution

However, given the blockchain nature of this client, we also tested for vulnerabilities that are commonly exploited in smart contract and blockchain technologies:

  • Re-entrancy attacks
  • Over & Underflow attacks
  • Block Gas Limit
  • Front Running

Result

The security audit identified several vulnerabilities through review of Jigstack’s source code and penetration testing. Thanks to Cloudoki’s discoveries, Jigstack was able to secure itself against potential malicious actors. After the vulnerabilities were patched, Cloudoki conducted full sanity and regression tests to ensure the platform’s stability and security. Jigstack was then able to scale up and handle a high volume of users and traffic on a regular basis. Here is what they had to say about our service:

“Working with Cloudoki was an awesome experience all around. Even with timezone differences, communication was smooth and really easy, which is really important when working against a tight deadline. Cyrex’ analysis and tests were all precise and really well explained, without sacrificing agility or comprehensiveness. They also ended up being crucial for the security and performance of our platform, so I can easily say Jigstack is satisfied with the work delivered and we’re keen to work once again with such a talented team.”

Jigstack Team
